Message-Id: <20220610155205.3111213-1-sumanthk@linux.ibm.com>
Date:   Fri, 10 Jun 2022 17:52:05 +0200
From:   Sumanth Korikkar <sumanthk@...ux.ibm.com>
To:     willy@...radead.org
Cc:     linux-ext4@...r.kernel.org, gerald.schaefer@...ux.ibm.com,
        gor@...ux.ibm.com, agordeev@...ux.ibm.com,
        linux-f2fs-devel@...ts.sourceforge.net,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, linux-nilfs@...r.kernel.org,
        Sumanth Korikkar <sumanthk@...ux.ibm.com>
Subject: Re: [PATCH 06/10] hugetlbfs: Convert remove_inode_hugepages() to use filemap_get_folios()

Hi,

The kernel crashes with the following backtrace on linux-next:

[  203.304451] kernel BUG at fs/inode.c:612!
[  203.304466] invalid opcode: 0000 [#1] PREEMPT SMP PTI
[  203.305215] CPU: 0 PID: 868 Comm: alloc-instantia Not tainted 5.19.0-rc1-next-20220609 #256
[  203.305563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-6.fc35 04/01/2014
[  203.305922] RIP: 0010:clear_inode+0x6e/0x80
[  203.306139] Code: 00 a8 20 74 29 a8 40 75 27 48 8b 93 18 01 00 00 48 8d 83 18 01 00 00 48 39 c2 75 16 48 c7 83 98 00 00 00 60 00 00 00 5b 5d c3 <0f> 0b 0f 0b 0f 0b 0f 0b 0f 0b 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  203.306827] RSP: 0018:ffffa49dc07cbde8 EFLAGS: 00010002
[  203.307074] RAX: 0000000000000000 RBX: ffff8bf4cecc4010 RCX: 0000000000069600
[  203.307380] RDX: 0000000000000001 RSI: ffffffff929b5b2b RDI: 0000000000000000
[  203.307715] RBP: ffff8bf4cecc4180 R08: 000003fffffffffe R09: ffffffffffffffc0
[  203.307988] R10: ffff8bf4ca515ec8 R11: ffffa49dc07cbc68 R12: ffff8bf4cecc4118
[  203.308256] R13: ffff8bf4cf029a80 R14: ffff8bf4cb2ce900 R15: ffff8bf4c79b8848
[  203.308591] FS:  0000000000000000(0000) GS:ffff8bf533000000(0000) knlGS:0000000000000000
[  203.309033] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  203.309327] CR2: 00007fadbf5d3838 CR3: 000000016520c000 CR4: 00000000000006f0
[  203.309661] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  203.309997] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  203.310330] Call Trace:
[  203.310534]  <TASK>
[  203.310733]  evict+0xc3/0x1c0
[  203.310956]  __dentry_kill+0xd6/0x170
[  203.311196]  dput+0x144/0x2e0
[  203.311416]  __fput+0xdb/0x240
[  203.311634]  task_work_run+0x5c/0x90
[  203.311876]  do_exit+0x317/0xa80
[  203.312104]  do_group_exit+0x2d/0x90
[  203.312337]  __x64_sys_exit_group+0x14/0x20
[  203.312599]  do_syscall_64+0x3b/0x90
[  203.312816]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[  203.313064] RIP: 0033:0x7fadbf4f2711
[  203.313275] Code: Unable to access opcode bytes at RIP 0x7fadbf4f26e7.
[  203.313559] RSP: 002b:00007fff6b0e0458 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  203.313932] RAX: ffffffffffffffda RBX: 00007fadbf5cf9e0 RCX: 00007fadbf4f2711
[  203.314228] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[  203.314523] RBP: 0000000000000000 R08: ffffffffffffff80 R09: 0000000000000000
[  203.314821] R10: 00007fadbf3dffa8 R11: 0000000000000246 R12: 00007fadbf5cf9e0
[  203.315120] R13: 0000000000000000 R14: 00007fadbf5d4ee8 R15: 00007fadbf5d4f00
[  203.315431]  </TASK>
[  203.315606] Modules linked in: zram zsmalloc xfs libcrc32c
[  203.315875] ---[ end trace 0000000000000000 ]---
[  203.315876] RIP: 0010:clear_inode+0x6e/0x80
[  203.315878] Code: 00 a8 20 74 29 a8 40 75 27 48 8b 93 18 01 00 00 48 8d 83 18 01 00 00 48 39 c2 75 16 48 c7 83 98 00 00 00 60 00 00 00 5b 5d c3 <0f> 0b 0f 0b 0f 0b 0f 0b 0f 0b 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  203.315879] RSP: 0018:ffffa49dc07cbde8 EFLAGS: 00010002
[  203.315880] RAX: 0000000000000000 RBX: ffff8bf4cecc4010 RCX: 0000000000069600
[  203.315881] RDX: 0000000000000001 RSI: ffffffff929b5b2b RDI: 0000000000000000
[  203.315881] RBP: ffff8bf4cecc4180 R08: 000003fffffffffe R09: ffffffffffffffc0
[  203.315882] R10: ffff8bf4ca515ec8 R11: ffffa49dc07cbc68 R12: ffff8bf4cecc4118
[  203.315883] R13: ffff8bf4cf029a80 R14: ffff8bf4cb2ce900 R15: ffff8bf4c79b8848
[  203.315884] FS:  0000000000000000(0000) GS:ffff8bf533000000(0000) knlGS:0000000000000000
[  203.315886] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  203.315887] CR2: 00007fadbf5d3838 CR3: 000000016520c000 CR4: 00000000000006f0
[  203.315887] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  203.315888] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  203.315889] note: alloc-instantia[868] exited with preempt_count 1
[  203.315890] Fixing recursive fault but reboot is needed!
[  203.315892] BUG: scheduling while atomic: alloc-instantia/868/0x00000000
[  203.315893] Modules linked in: zram zsmalloc xfs libcrc32c
[  203.315894] Preemption disabled at:
[  203.315895] [<0000000000000000>] 0x0
[  203.315896] CPU: 0 PID: 868 Comm: alloc-instantia Tainted: G      D           5.19.0-rc1-next-20220609 #256
[  203.315898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-6.fc35 04/01/2014
[  203.315898] Call Trace:
[  203.315900]  <TASK>
[  203.315901]  dump_stack_lvl+0x34/0x44
[  203.315905]  __schedule_bug.cold+0x7d/0x8b
[  203.315907]  __schedule+0x624/0x700
[  203.315908]  ? _printk+0x58/0x6f
[  203.315911]  do_task_dead+0x3f/0x50
[  203.315913]  make_task_dead.cold+0x51/0xab
[  203.315914]  rewind_stack_and_make_dead+0x17/0x17
[  203.315917] RIP: 0033:0x7fadbf4f2711
[  203.315918] Code: Unable to access opcode bytes at RIP 0x7fadbf4f26e7.
[  203.315918] RSP: 002b:00007fff6b0e0458 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  203.315919] RAX: ffffffffffffffda RBX: 00007fadbf5cf9e0 RCX: 00007fadbf4f2711
[  203.315920] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[  203.315921] RBP: 0000000000000000 R08: ffffffffffffff80 R09: 0000000000000000
[  203.315921] R10: 00007fadbf3dffa8 R11: 0000000000000246 R12: 00007fadbf5cf9e0
[  203.315922] R13: 0000000000000000 R14: 00007fadbf5d4ee8 R15: 00007fadbf5d4f00
[  203.315924]  </TASK>


* Bisected the crash to this commit.

To reproduce:
* Clone libhugetlbfs.
* Execute: PATH=$PATH:"obj64/" LD_LIBRARY_PATH=../obj64/ alloc-instantiate-race shared
 
Crashes on both s390 and x86. 
 
Thanks

--
Sumanth 
